Tab | Field | Value | Comment |
Basics | Make this domain available to | Notes clients and Internet Authentication/Authorization |
- Required
- LDAP Clients is optional
|
Basics | Group Authorization | Yes or No | Select Yes if you want to use Active Directory groups in database ACLs. |
Basics | Attribute to be used as name in an SSO token | $DN |
- Required only if there is an IBM® WebSphere® SSO server authenticating users against Active Directory so that users' LTPA tokens contain their Active Directory names.
- Requires Map names in LTPA token to be enabled in the Web SSO Configuration document.
- Ensures proper SSO operation for servers that authenticate users against Active Directory.
|
Basics - SSO configuration | Windows single sign-on for Web clients | Enabled | Enables efficient name lookups based on users' Active Directory logon (Kerberos) names. In combination with Attribute to be used as Notes Distinguished Name, allows the user's Kerberos identity to be associated with the Domino name. |
Basics - SSO configuration | Kerberos realm | Active Directory domain | Specify in uppercase characters, for example, AD.RENOVATIONS.COM. |
Naming Contexts (Rules) | Trusted for Credentials | Yes | |
LDAP | Attribute to be used as Notes Distinguished Name | attribute |
rather than
cn=Betty Zechman/ou=Marketing/o=Renovations
- Used to link this Active Directory record to a Notes distinguished name for determining user access to Domino resources.
|
LDAP | Type of search filter to use | Active Directory | |